惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threat Research - Cisco Blogs
博客园 - 聂微东
小众软件
小众软件
P
Proofpoint News Feed
Security Archives - TechRepublic
Security Archives - TechRepublic
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
TaoSecurity Blog
TaoSecurity Blog
博客园 - 司徒正美
罗磊的独立博客
N
News and Events Feed by Topic
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Security Affairs
S
Security @ Cisco Blogs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
The GitHub Blog
The GitHub Blog
月光博客
月光博客
S
Secure Thoughts
P
Proofpoint News Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Forbes - Security
Forbes - Security
H
Heimdal Security Blog
W
WeLiveSecurity
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
L
LangChain Blog
T
The Blog of Author Tim Ferriss
NISL@THU
NISL@THU
Google DeepMind News
Google DeepMind News
Cloudbric
Cloudbric
H
Hacker News: Front Page
The Last Watchdog
The Last Watchdog
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cisco Blogs
博客园 - 三生石上(FineUI控件)
博客园_首页
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Schneier on Security
Project Zero
Project Zero
SecWiki News
SecWiki News
爱范儿
爱范儿
The Register - Security
The Register - Security
AI
AI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Y
Y Combinator Blog
L
Lohrmann on Cybersecurity
Application and Cybersecurity Blog
Application and Cybersecurity Blog
P
Privacy International News Feed
J
Java Code Geeks
S
Securelist
C
Cyber Attacks, Cyber Crime and Cyber Security
V
Visual Studio Blog

Let's Encrypt

The difficulty of making sure your website is broken Simplifying Certificate Renewals for Millions of Domains with ACME Renewal Information (ARI) Six-Day and IP Address Certificates Available in Certbot Shorter Certificate Lifetimes and Rate Limits DNS-PERSIST-01: A New Model for DNS-based Challenge Validation On the Importance of "Hello" and "Thanks" 6-day and IP Address Certificates are Generally Available 10 Years of Let's Encrypt Certificates Decreasing Certificate Lifetimes to 45 Days New "Generation Y" Hierarchy of Root and Intermediate Certificates Ten Years of Community Support ACME Renewal Information (ARI) Published as RFC 9773 Native ACME Support Comes to NGINX End of Life Plan for RFC 6962 Certificate Transparency Logs OCSP Service Has Reached End of Life We've Issued Our First IP Address Certificate Expiration Notification Service Has Ended Reflections on a Year of Sunlight How We Reduced the Impact of Zombie Clients Sustaining a More Secure Internet: The Power of Recurring Donations Ending TLS Client Authentication Certificate Support in 2026 How Pebble Supports ACME Client Developers Ten Years of Let's Encrypt: Announcing support from Jeff Atwood We Issued Our First Six Day Cert Encryption for Everybody Scaling Our Rate Limits to Prepare for a Billion Active Certificates Ending Support for Expiration Notification Emails Announcing Six Day and IP Address Certificate Options in 2025 Announcing Certificate Profile Selection Ending OCSP Support in 2025 Intent to End OCSP Service More Memory Safety for Let’s Encrypt: Deploying ntpd-rs Let’s Encrypt Continues Partnership with Princeton to Bolster Internet Security Takeaways from Tailscale’s Adoption of ARI An Engineer’s Guide to Integrating ARI into Existing ACME Clients Deploying Let's Encrypt's New Issuance Chains Introducing Sunlight, a CT implementation built for scalability, ease of operation, and reduced cost A Year-End Letter from our Vice President Our role in supporting the nonprofit ecosystem Increase your security governance with CAA Shortening the Let's Encrypt Chain of Trust ISRG’s 10th Anniversary Improving Resiliency and Reliability for Let’s Encrypt with ARI Thank you to our 2023 renewing sponsors A Look into the Engineering Culture at ISRG Let’s Encrypt improves how we manage OCSP responses A New Life for Certificate Revocation Lists Nurturing Continued Growth of Our Oak CT Log TLS Beyond the Web: How MongoDB Uses Let’s Encrypt for Database-to-Application Security Let’s Encrypt Receives the Levchin Prize for Real-World Cryptography New Major Funding from the Ford Foundation TLS Simply and Automatically for Europe’s Largest Cloud Customers Making the Web safer and more secure for everyone Resources for Certificate Chaining Help Speed at scale: Let’s Encrypt serving Shopify’s 4.5 million domains Preparing to Issue 200 Million Certificates in 24 Hours The Next Gen Database Servers Powering Let's Encrypt A Year-End Letter from the Executive Director of Let's Encrypt and ISRG Extending Android Device Compatibility for Let's Encrypt Certificates Standing on Our Own Two Feet [Updated] Let's Encrypt's New Root and Intermediate Certificates Let's Encrypt Has Issued a Billion Certificates Multi-Perspective Validation Improves Domain Validation Security How Let's Encrypt Runs CT Logs Onboarding Your Customers with Let's Encrypt and ACME Introducing Oak, a Free and Open Certificate Transparency Log Transitioning to ISRG's Root The ACME Protocol is an IETF Standard Facebook Expands Support for Let’s Encrypt Looking Forward to 2019 Let's Encrypt Root Trusted By All Major Root Programs Engineering deep dive: Encoding of SCTs in certificates Looking Forward to 2018 ACME Support in Apache HTTP Server Project Wildcard Certificates Coming January 2018 Milestone: 100 Million Certificates Issued ACME v2 API Endpoint Coming January 2018 OVH Renews Platinum Sponsorship of Let's Encrypt Let’s Encrypt 2016 In Review Launching Our Crowdfunding Campaign Our First Grant: The Ford Foundation Squarespace OCSP Stapling Implementation Introducing Internationalized Domain Name (IDN) Support ISRG Legal Transparency Report, January 2016 - June 2016 What It Costs to Run Let's Encrypt Let's Encrypt Root to be Trusted by Mozilla Full Support for IPv6 Defending Our Brand [Updated] Progress Towards 100% HTTPS, June 2016 Leaving Beta, New Sponsors ISRG Legal Transparency Report, July 2015 - December 2015 New Name, New Home for the Let's Encrypt Client Software Our Millionth Certificate OVH Sponsors Let's Encrypt Entering Public Beta Facebook Sponsors Let's Encrypt Public Beta: December 3, 2015 Why ninety-day lifetimes for certificates? The CA's Role in Fighting Phishing and Malware Let's Encrypt is Trusted
New Intermediate Certificates
2024-03-19 · via Let's Encrypt

On Wednesday, March 13, 2024, Let’s Encrypt generated 10 new Intermediate CA Key Pairs, and issued 15 new Intermediate CA Certificates containing the new public keys. These new intermediate certificates provide smaller and more efficient certificate chains to Let’s Encrypt Subscribers, enhancing the overall online experience in terms of speed, security, and accessibility.

First, a bit of history. In September, 2020, Let’s Encrypt issued a new root and collection of intermediate certificates. Those certificates helped us improve the privacy and efficiency of Web security by making ECDSA end-entity certificates widely available. However, those intermediates are approaching their expiration dates, so it is time to replace them.

Our new batch of intermediates are very similar to the ones we issued in 2020, with a few small changes. We’re going to go over what those changes are and why we made them.

The New Certificates

We created 5 new 2048-bit RSA intermediate certificates named in sequence from R10 through R14. These are issued by ISRG Root X1. You can think of them as direct replacements for our existing R3 and R4 intermediates.

We also created 5 new P-384 ECDSA intermediate certificates named in sequence from E5 through E9. Each of these is represented by two certificates: one issued by ISRG Root X2 (exactly like our existing E1 and E2), and one issued (or cross-signed) by ISRG Root X1.

You can see details of all of the certificates on our updated hierarchy page.

Let’s Encrypt 2024 Ceremony

Rotating Issuance

Rotating the set of intermediates we issue from helps keep the Internet agile and more secure. It encourages automation and efficiency, and discourages outdated practices like key pinning. “Key Pinning” is a practice in which clients — either ACME clients getting certificates for their site, or apps connecting to their own backend servers — decide to trust only a single issuing intermediate certificate rather than delegating trust to the system trust store. Updating pinned keys is a manual process, which leads to an increased risk of errors and potential business continuity failures.

Intermediates usually change only every five years, so this joint is exercised infrequently and client software keeps making the same mistakes. Shortening the lifetime from five years to three years means we will be conducting another ceremony in just two years, ahead of the expiration date on these recently created certificates. This ensures we exercise the joint more frequently than in the past.

We also issued more intermediates this time around. Historically, we’ve had two of each key type (RSA and ECDSA): one for active issuance, and one held as a backup for emergencies. Moving forward we will have five: two conducting active issuance, two waiting in the wings to be introduced in about one year, and one for emergency backup. Randomizing the selected issuer for a given key type means it will be impossible to predict which intermediate a certificate will be issued from. We are very hopeful that these steps will prevent intermediate key pinning altogether, and help the WebPKI remain agile moving forward.

These shorter intermediate lifetimes and randomized intermediate issuance shouldn’t impact the online experience of the general Internet user. Subscribers may be impacted if they are pinning one of our intermediates, though this should be incredibly rare.

Providing Smaller Chains

When we issued ISRG Root X2 in 2020, we decided to cross-sign it from ISRG Root X1 so that it would be trusted even by systems that didn’t yet have ISRG Root X2 in their trust store. This meant that Subscribers who wanted issuance from our ECDSA intermediates would have a choice: they could either have a very short, ECDSA-only, but low-compatibility chain terminating at ISRG Root X2, or they could have a longer, high-compatibility chain terminating at ISRG Root X1. At the time, this tradeoff (TLS handshake size vs compatibility) seemed like a reasonable choice to provide, and we provided the high-compatibility chain by default to support the largest number of configurations.

ISRG Root X2 is now trusted by most platforms, and we can now offer an improved version of the same choice. The same very short, ECDSA-only chain will still be available for Subscribers who want to optimize their TLS handshakes at the cost of some compatibility. But the high-compatibility chain will be drastically improving: instead of containing two intermediates (both E1 and the cross-signed ISRG Root X2), it will now contain only a single intermediate: the version of one of our new ECDSA intermediates cross-signed by ISRG Root X1.

This reduces the size of our default ECDSA chain by about a third, and is an important step towards removing our ECDSA allow-list.

Other Minor Changes

We’ve made two other tiny changes that are worth mentioning, but will have no impact on how Subscribers and clients use our certificates:

  • We’ve changed how the Subject Key ID field is calculated, from a SHA-1 hash of the public key, to a truncated SHA-256 hash of the same data. Although this use of SHA-1 was not cryptographically relevant, it is still nice to remove one more usage of that broken algorithm, helping move towards a world where cryptography libraries don’t need to include SHA-1 support at all.

  • We have removed our CPS OID from the Certificate Policies extension. This saves a few bytes in the certificate, which can add up to a lot of bandwidth saved over the course of billions of TLS handshakes.

Both of these mirror two identical changes that we made for our Subscriber Certificates in the past year.

Deployment

We intend to put two of each of the new RSA and ECDSA keys into rotation in the next few months. Two of each will be ready to swap in at a future date, and one of each will be held in reserve in case of an emergency. Read more about the strategy in our December 2023 post on the Community Forum.

Not familiar with the forum? It’s where Let’s Encrypt publishes updates on our Issuance Tech and APIs. It’s also where you can go for troubleshooting help from community experts and Let’s Encrypt staff. Check it out and subscribe to alerts for technical updates.

We hope that this has been an interesting and informative tour around our new intermediates, and we look forward to continuing to improve the Internet, one certificate at a time.

We depend on contributions from our community of users and supporters in order to provide our services. If your company or organization would like to sponsor Let’s Encrypt please email us at sponsor@letsencrypt.org. We ask that you make an individual contribution if it is within your means.